View All Jobs 134970

Senior Security Engineer

Architect and implement secure cloud infrastructure enabling FedRAMP/CMMC readiness integrated into development lifecycle.
New York
Senior
$180,000 – 220,000 USD / year
7 hours agoBe an early applicant
Kaizen Labs

Kaizen Labs

Develops digital experience platforms for cities.
2 Similar Jobs at Kaizen Labs

Security Engineer

Kaizen's platform reaches 40M residents across 50+ agencies in 17 states. We've already signed multiple federal customers with many more in the pipeline — and the work of making Kaizen federal-ready is currently spread across a handful of engineers. That doesn't scale. We're hiring our first dedicated security engineer to sit on the platform team and own this end to end: architect the controls, write the SSPs, and partner with engineering to embed compliance into how we ship rather than bolt it on after.

This is a hybrid role based out of our New York City HQ. Candidates must reside in New York or be able to commute to New York City to work out of our office at least three times a week (Tuesdays - Thursdays).

Kaizen exists to strengthen trust in American public services. Security and compliance aren't constraints on that mission — they're the foundation that makes the work matter at the federal scale.

What You'll Do

  • Architect and operationalize security across infrastructure, platform, CI/CD, and application layers, with a focus on AWS (including GovCloud) and Terraform
  • Lead readiness across federal compliance frameworks — FedRAMP, CMMC, and DoD Impact Levels — translating NIST 800-53 and related controls into real engineering implementations, and owning the SSPs, POA&Ms, and technical policy documentation
  • Build continuous compliance and audit-readiness workflows that make accreditation a byproduct of how we ship, not a separate workstream
  • Be smart about AI and tooling — use automated AI-driven security scanning, modern hardened-image platforms like Chainguard, and other leverage points to multiply the impact of a small security team
  • Establish secure software supply chain practices: SBOMs, image signing, workload identity, and hardened deployment pipelines
  • Own the technical relationship with assessors, auditors, and federal security stakeholders — you are the credible technical voice in those rooms
  • Drive a secure-by-default engineering culture so residents and public servants can trust the systems we put in front of them

What You'll Bring

  • 5+ years of hands-on experience building and securing cloud-native platforms in AWS and Terraform — you can architect controls and also implement them yourself
  • Direct experience with federal authorization work — FedRAMP, CMMC, DoD IL, or comparable regulated environments. You don't need to have shepherded a full authorization across the finish line, but you've done enough of the real work to know what it takes
  • Deep familiarity with NIST 800-53 and the ability to translate controls into pragmatic engineering work rather than checkbox compliance
  • Strong working knowledge of modern supply chain security: SBOMs, image signing, workload identity, secure CI/CD
  • Track record operating effectively in early-stage or fast-moving environments where you set the bar rather than inherit it

Strong Candidates May Also...

  • Have supported federal SaaS, defense tech, or regulated infrastructure companies through accreditation
  • Have led a company through its first federal authorization rather than maintaining an existing one
  • Have hands-on experience with Chainguard, AI-powered security tooling, or similar leverage-multiplying platforms
  • Have worked with platforms like Second Front or similar federal compliance accelerators

Don't Apply If...

  • You want to own policy and hand the implementation to someone else — this role lives in the code and the infrastructure
  • You think compliance is paperwork — at Kaizen it's a load-bearing engineering discipline
  • You think AI tools are a crutch rather than a force multiplier
  • You need a mature security program already in place to be effective

What Kaizen Offers

  • Comprehensive medical through Oxford/United - Gold and Platinum PPO plans, with 85% of premiums covered on the Platinum plan and a $0 employee premium option. Dental through Guardian PPO and vision through Beam, with 99% of employee premiums covered and 50% for dependents.
  • $100,000 in fully paid life insurance. FSA and Dependent Care FSA. 401(k) access through Guideline.
  • 16 weeks of fully paid parental leave for birthing parents. 10 weeks fully paid for non-birthing parents.
  • Unlimited PTO & closed for all federal holidays.
  • Company-wide winter break the week of Christmas.
  • One-time home office or desk setup stipend up to $750.
  • $50/month commuter benefit.
  • $100/month for wellness or productivity - your call on how you use it!
  • $500/year for professional development.
  • $250/year for recreation.
  • Company-provided laptop.
  • Expensed lunch while in the office.

Kaizen is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, age, sex, national origin, disability, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local law. If you need an accommodation during the interview process, email us at careers@kaizenlabs.co.

+ Show Original Job Post
Suggest a correction
























Senior Security Engineer
New York
$180,000 – 220,000 USD / year
Engineering
Apply to job
About Kaizen Labs
Develops digital experience platforms for cities.